After a couple of false starts from Microsoft, we finally have the death of security bulletins a few months later than expected. Unfortunately, this information change has made the VERT Alert format for Patch Tuesday content impossible to maintain in the same way. Moving forward, Tripwire VERT is investigating a new format that will allow us to deliver the information that matters the most in a timely manner.
As you are currently learning to navigate the new Security Guidance Portal, Tripwire VERT is doing the same. The new content does not offer the same organization and flow that we associate with Microsoft Security bulletins and, by comparison, the Security Guidance Portal feels like an internal tool that the Microsoft Security Response Center (MSRC) made public without a complete usability review.
When Microsoft launched their security bulletins and introduced the concept of Patch Tuesday, they unknowingly set the Gold Standard in vendor-customer security communication. Other vendors still struggle to duplicate what Microsoft accomplished years ago. The Portal, in it’s current iteration, is not an adequate replacement for Security Bulletins, but we can hope that Microsoft is taking feedback, listening to security professionals and customers, and working to improve the system to create a solution that far exceeds the previous offering.
In the meantime, as we look for a new VERT Alert format, we invite feedback from those that consume it. This is the time to reshape the VERT Alert into something even more powerful. What would you like to see added or removed. What information is most important to you when reading a summary of the bulletins?
Please provide your feedback via the comments below. Tripwire customers are also welcome to submit Ideas via the Tripwire Customer Center.
You will see a shorter VERT Alert here, sharing only a few details this month. We hope to deliver the new, improved VERT Alert format within the next few months.